For which of the below use-case will you not use IAP (Identity Aware Proxy)?

Answer options:

A.Requirement of enforcing access control policies for applications and resources.
B.While working with signed headers to secure the app.
C.When setting up group-based application access
D.Providing richer access controls to protect access to secure systems by using an end-user request and ensuring each request is authenticated and authorized.

Correct Answer: D
Option A is incorrect. Identity Aware Proxy is suitable for the requirements that enforce access control policies for applications and resources.
Option B is incorrect. Identity Aware Proxy is suitable to be used while working with signed headers to secure the app.
Option C is incorrect. Identity Aware Proxy is suitable to be used when setting up group-based application access.
Option D is correct. In this scenario, we should use BeyondCorp Enterprise instead of Identity Aware Proxy.
https://cloud.google.com/iap/docs/concepts-overview#when_to_use_iap
https://cloud.google.com/beyondcorp-enterprise/docs/overview